5 Ways to Stay Compliant with 21 CFR Part 11

    Posted by Sierra Labs on Oct 28, 2020 10:48:00 AM

    Learn how to stay compliant with FDA's Part 11 in the age of automation!

    What is FDA 21 CFR Part 11?

    Since 1997, any company operating in the Biopharma or Healthcare space must standardize electronic record keeping under FDA’s 21 CFR Part 11. This regulation defines the criteria under which electronic records and electronic signatures are considered trustworthy or equivalent to paper records.

    In the blog below, we will dive deeper into which areas of CFR Part 11 affect your business, but first, here are some important terms to note:

    • Electronic records
      • Any quality or production record that is maintained electronically. (Quality and production records are legal documents.)
    • Electronic signatures
      • Any approval of a quality or production record done so electronically.
    • Audit trails
      • A trail that ensures that every activity which happens in the record-keeping system generates a record and can be reviewed later.
    • Computer systems
      • Record-keeping systems administered by the organization, which can be closed or open.

    Breaking Down FDA 21 CFR Part 11

    In order to decrease your time-to-market process, the table below includes summarized versions of Part 11’s critical provisions.

    Provision Description
    11.1 Scope The FDA establishes that all electronic records created, modified, maintained, archived, retrieved, and/or transmitted fall under the scope of regulation.
    11.2 Implementation Gives criteria for Medical Device companies to transfer electronic records over to the FDA.
    11.3 Define Closed and Open System

    A closed system is where individuals who are responsible for the content of the electronic records have access to the record-keeping system itself.

    An open system is where individuals who are responsible for the content of the electronic records do not have access to the record-keeping system. Instead, third-party software is responsible for a regulatory license.

    11.10 Defines Controls for Closed

    Limited access to personnel, routine device checks ensuring the integrity of data and signatures, and written policy procedures for system security.

    Maintain an audit trail of revisions and change controls.

    11.30 Outlines Controls for Open Systems More comprehensive measures for open systems since more people have access.
    11.50 - Signature Manifestations Signatures on electronic records should include printed name, date, and time of execution with the attached meaning, such as if it was approval, review, or authorship.
    11.70 - Signature Record/Linking Proper links are needed between electronic records and their respective electronic or handwritten signatures to prevent any form of falsification.
    11.100 - General Requirements

    Requires organizations to verify the identity of any individual who is assigned an electronic signature on the system. *Note: medical device companies must notify the FDA in writing by mail who wish to use electronic signatures.

    11.200 - Electronic Signature Components and Controls

    Electronic signatures cannot be assigned to groups let alone entire departments, only individuals.

    Must use an identification code and a password.

    11.300 - Controls for Identification codes/passwords

    No two individuals should use the same identification/password to access the system. 

    Passwords should be changed periodically to protect against password aging.

    How Do I Stay Compliant with Part 11?

    Now that we have covered what exactly 21 CFR Part 11 contains, let's outline the ways that your business can stay compliant with the regulations!

    Here are the 5 simple ways to stay compliant with 21 CFR Part 11:

    1. Electronic signatures shouldn’t be distributed to multiple documents.
    2. Have Audit Trails to keep track of records and any alterations.
    3. Limit individuals’ access to each document or any form of account sharing.
    4. Change password and logins periodically to establish security protocol.
    5. Make sure to mail your certifications linking all handwritten signatures to their electronic counterparts.

    024 Dark

    How to Lower the Stress of Compliance with Part 11

    Part 11 can feel like yet another regulatory burden on your company, whether your controls are open or closed. Yet, there are a multitude of benefits your business can reap in implementing electronic systems.

    Odds are your company is thinking of changing to, or already using, an open system. Having additional help on ensuring your record-keeping quality process is up to FDA Standards can save you time, money, and stress.

    Navigating the complexity of the regulatory industry can truly be made simple, and all of the weight should not fall on your shoulders. There are resources and tools to make your journey to market smooth and stress-free.

    Here at Sierra Labs, we offer a Quality Management System (QMS) so that you and your business can robustly navigate through FDA regulations, such as Part 11. Sierra QMS is designed for organizations that seek to market medical devices in a global regulated environment.

    Want to breeze through FDA regulations with zero stress? Check out Sierra QMS!

    QMS White Paper

    Sierra Document Automation automates your compliance documentation publishing and can be integrated with the tools you already use.

    Want to see how it can help your organization publish audit-ready documents? Click here now!

    Sierra Document Automation


    Topics: FDA, QMS, Compliance, Regulations, FDA Approval, Medical Devices, Medical Device Company, Audit Trails, FDA Audit, Electronic Records, Electronic Signatures, 21 CFR Part 11, Part 11

    Recent Posts


    See all

    Subscribe Here